Effective Authentication Technique for Distributed Denial of Service Attacks in Wireless Local Area Networks
Abstract
Problem statement: In 802.11-based Wireless LAN (WLAN), there is an mproved risk of security attacks. To defeat concealed attacks, there is a necessity to authenticate both access points and wireless stations. Approach: We propose a defensive technique for DDoS attack in WLAN. This authentication technique includes an Authentication Server (AS) in addition to the Wireless Station (WS) and Access Point (AP). Results: The authentication server holds both normal and attacker databases. The attacker database can be constructed from the outcome of fuzzy decision making. After WS and AP registers itself with AS, WS sends authentication request message to AS through the nearest AP. Before granting the session key for the WS, the AS checks the occurrence of WS in the attacker database. If it is found to be an attacker, AS denies the session key for the WS, there by isolating the WS from further communications. In order to prevent the authentication request flooding attacks, traffic pattern filtering rule is implemented. Conclusion/Recommendations: By simulation results, we show that the proposed technique is more efficient defensive mechanism against DDoS attack.
DOI: https://doi.org/10.3844/jcssp.2012.828.834
Copyright: © 2012 M. Moorthy and S. Sathiyabama. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 3,724 Views
- 4,143 Downloads
- 0 Citations
Download
Keywords
- Wireless Local Area Networks (WLAN)
- Authentication Server (AS)
- Wireless Station (WS)
- Access Point (AP)
- Intrusion Detection System (IDS)